[asterisk-users] Root Password not taking

[Wilton Helm]

There have been a number of answers provided.  The one that was given to me when I encountered this same problem was to boot a live CD, mount the root file system and delete the password file which would force your normal distro boot to request a new root password next time.

HOWEVER, the big deal here is that the most likely cause is the server being hacked.  I got hacked a few months ago.  Step 1 was log in as root.  Step 2 was change the root password.  Step 3 was replace a few key executables like ps so I couldn't do administrative tasks.  Step 4 was launch a denial of service attack against someone.  That is when I discovered the problem, because it ate up all my DSL bandwidth.

The problem is that you don't know exactly what files have been changed and if they have left a trap door or something.  You could fix the root password, and even discover and restore a few key files, only to find it hacked 5 minutes later because you didn't know everything that had been altered.  For that reason, few people will put a system back on line after the root password has been compromised.  Re-installation is the only safe way.  If some of your directories like /home and /user have separate mount points, they don't have to get wiped out in the process.

Wilton
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20090122/7fd2547e/attachment.htm